Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.5.3 Ensure address space layout randomization (ASLR) is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6.1.7 Ensure SETroubleshoot is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.3 Ensure Avahi Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.18 Ensure rpcbind is not installed or the rpcbind services are maskedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.3.1 Ensure NIS Client is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.9 Ensure TCP SYN Cookies is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1.2 Ensure iptables-services not installed with firewalldCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure nftables either not installed or masked with firewalldCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.3 Ensure iptables-services not installed with nftablesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.6 Ensure iptables is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.3 Ensure ip6tables firewall rules exist for all open portsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.2 Ensure rsyslog Service is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure logging is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.CIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1 Ensure cron daemon is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.13 Ensure SSH PermitEmptyPasswords is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.22 Ensure SSH PAM is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1 Ensure password creation requirements are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.5.1.1 Ensure password expiration is 365 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.3 Ensure password expiration warning days is 7 or moreCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.5 Ensure default user umask is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.14 Ensure users' dot files are not group or world writableCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.16 Ensure no users have .netrc filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.2.17 Ensure no users have .rhosts filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L2 MySQL RDBMS on Linux MySQLDBMySQLDB

AUDIT AND ACCOUNTABILITY

18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.10 Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higherCIS Microsoft Windows 11 Stand-alone v5.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.17.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

18.10.18.3 Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

CONFIGURATION MANAGEMENT

18.10.77.1.3 Ensure 'Notify Password Reuse' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.77.1.3 Ensure 'Notify Password Reuse' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

Access Security - SSH - Use SSH version 2Juniper Hardening JunOS 12 Devices ChecklistJuniper

CONFIGURATION MANAGEMENT

Excel 2 macrosheets and add-in filesMSCT M365 Apps for enterprise 2412 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

FGFW-ND-000120 - The FortiGate device must synchronize internal information system clocks using redundant authoritative time sourcesDISA Fortigate Firewall NDM STIG v1r4FortiGate

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Remove file extensions blocked as Level 2Microsoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Remove file extensions blocked as Level 2MSCT M365 Apps for enterprise 2412 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Remove file extensions blocked as Level 2MSCT Office 2016 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - All InterfacesTNS SonicWALL v5.9SonicWALL

SYSTEM AND COMMUNICATIONS PROTECTION